This tutorial will teach you how to access the server of your choice using SSH or secure shell (also known as Terminal Services or Telnet). The server will be located either remotely or inside a private network; the access methods will be similar. In the latter case, the server might be locked down to only allow certain commands or actions through specific protocols. In particular, you will learn about the SSH protocol, which is used to access servers remotely (via the Internet) as well as to login to a command prompt or shell on a locally-connected server (using an internal network connection).
Note: Local Access vs. Remote Access
Before we start, let us briefly discuss the differences between accessing a server locally vs. remotely. When you access a server remotely, the connection is established through a VPN or Virtual Private Network. This type of connection is often secured using TLS (Transport Layer Security) and/or SSH (Secure Shell) encryption. Once connected, you can access the server using either the command line (if it is a UNIX-based server) or a Graphical User Interface (for Windows-based servers).
SSH vs. Secure Shell (SSH)
As mentioned above, SSH is the standard protocol for logging into a UNIX-based (or, more generally, Linux-based) server. It was created in 1992 as a replacement for Telnet and was officially standardized in 1994. While Telnet is a plaintext-based protocol that can be easily intercepted, SSH is encrypted using secure socket layer (SSL) and, thus, less susceptible to eavesdropping. More importantly, because it is a replacement for Telnet, SSH offers many additional features that allow for greater security (and, hence, authentication) and convenience.
As a general rule, you should use SSH to log into any server that supports the protocol; if in doubt, you can connect to the server using Telnet and then switch to SSH once you are logged in. In some cases, you might need to disable the Telnet protocol temporarily or even completely (see below).
Secure Sockets Layer (SSL)
SSL is the standard in the field of encryption for web browsers and other software applications that access websites or other online resources. It was originally designed for use in web servers to provide a secure (encrypted) connection between a website and the user’s device. However, SSL can be used for many other applications—including VPNs. This is mainly because it offers strong encryption (up to 256-bit RSA) and perfect forward secrecy (once a session is established, previous communications are securely erased). In essence, SSL guarantees that the data transferred over an unsecure (or, at least, untrustworthy) channel is completely confidential.
To use SSL, you will need a private/public key pair. The former serves as a ‘lock’ that can be used to encrypt data; the latter is used to decrypt it. Because the private key is never transmitted over an unsecure channel, it offers the exact same level of security as a password (and, hence, can be used to securely store your online credentials).
Telnet and The TELNET Command
Telnet is another protocol that is used to access servers remotely; however, it is mostly known for its role in the creation and maintenance of the TCP/IP network. When you access a server using Telnet, you are effectively ‘locally’ connecting to it. Even if the server itself is locked down and only allows certain protocols and/or commands through specific ports, you can still use Telnet to connect and issue commands.
The TELNET command is one of the most basic and, at the same time, one of the most useful commands for accessing a server. This is mainly because the command opens a connection to a server and allows you to authenticate and issue commands using the same protocol as the server itself. A connection to a Telnet server is usually established to allow for the following tasks:
- to log in and access the server, with or without a password, using the default OS terminal interface (e.g., a Windows CMD shell or a UNIX shell)
- to change the system’s configuration, including the volume ID and the network settings (e.g., IP address and DNS servers)
- to download and install new software or updates (e.g., from a Linux repository)
- to execute shell commands on the remote server, either interactively or in a batch file
- to forward ports so that another computer can access the remote server (e.g., through a firewall or router)
You can use the TELNET command to connect to a server over the Internet and access its configuration (including the OS terminal interface and any locally-mounted shell file systems). Before we begin, it is imperative to understand that Telnet cannot and will not encrypt your communications with the server. It was designed to be a simple protocol that can be easily intercepted and, thus, is not secure. This is also why you should avoid using Telnet to access sensitive or confidential information.
SSH and The SSH Command
As mentioned above, SSH is the standard protocol for logging into a UNIX-based server. When you access a server using SSH, you are establishing a secure (encrypted) connection to it. This, in turn, allows you to authenticate yourself to the server and, ultimately, execute commands securely (just like you would if you were connected to the server over a secure network channel).
The SSH command offers many useful features that make it a favorite among system administrators and other people who manage and administer large networks of servers. One of the most useful features is the ability to establish a secure connection with a server even if it is locked down and does not allow for remote access using standard protocols (e.g., Telnet or TCP/IP). In addition, if you are using an SSH client that supports public/private key pairs, you do not have to enter your password every time you connect to a server; this, in turn, makes logging in even easier. An SSH client is a program that connects to an SSH server and allows the user to authenticate and perform actions on a remote server (including the ability to install new software). Popular SSH clients include Windows CMD Shell and Linux Terminal.
When using SSH, you should avoid entering passwords where possible; instead, an authentication key (also known as a ‘token’ or ‘cookie’) should be used. The advantage of this method is that it provides the same level of security (if not more) as a password, but it does not have to be typed in every time you want to connect (as in the case of a password). Thus, using authentication keys is far more convenient and, ultimately, makes for a more secure connection.
How to Access a Server through SSH or Secure Shell
To access a server using SSH or Secure Shell, you will need to follow these seven simple steps:
- First, you will need to determine the remote server’s IP address.
- Next, you will need to find the port or number that the server is listening on (this will depend on the version of the server software being used).
- Once you have found these, you can connect to the server using either SSH or Secure Shell.
- If using SSH, you will need to specify a user name and password. In most cases, this will be the same as the login name and password for the server account.
- Next, you will need to log in to the server and issue a number of commands to set up the terminal interface (e.g., to change the working directory and/or the shell to be used).
- Once connected, you can use the server as you normally would, except that all your commands will be encrypted.
- To logout, you will need to issue the exit command. When exiting, you will be prompted to enter your password if it has not been entered during the session. In most cases, it is not necessary to enter your password the first time you connect to the server, but you might need to if you are using a new version of SSH or a new type of authentication.
In many cases, connecting to a server using SSH will be the same as connecting to it using Telnet. The only real difference will be that all your communications will be encrypted. This allows for better security and, ultimately, prevents others (including yourself) from eavesdropping.